package com.example.gateway;

import cn.hutool.jwt.JWT;
import cn.hutool.jwt.JWTUtil;
import com.example.common.App;
import org.springframework.cloud.gateway.filter.GatewayFilterChain;
import org.springframework.cloud.gateway.filter.GlobalFilter;
import org.springframework.core.Ordered;
import org.springframework.http.HttpStatus;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.http.server.reactive.ServerHttpResponse;
import org.springframework.stereotype.Component;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Mono;

import java.util.List;

/**
 *   登录判断
 */
@Component
public class AuthFilter implements GlobalFilter,Ordered {
    public AuthFilter() {
        super();
    }
    //要被排除的接口
    public String[]jiekou={"/user/add","/user/login","/art/getuserart","/art/getlistbypage","/art/getbyid",
            "/comment/listbyaid","/user/getbyuid","/user/getcode"};

    @Override
    public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
        //判断接口是否是要被排除的接口
        String path=exchange.getRequest().getURI().getPath();
        for(String url:jiekou){
            if(url.equals(path)){
                return chain.filter(exchange);
            }
        }
        //从前端请求中得到token
       List<String> tokens=exchange.getRequest().getHeaders().get(App.token_key);
        ServerHttpResponse response=exchange.getResponse();
       if(tokens==null||tokens.size()==0){
           response.setStatusCode(HttpStatus.UNAUTHORIZED);
           return response.setComplete();
       }
       String token=tokens.get(0);
       boolean result=false;
       try {
           //验证token
         result = JWTUtil.verify(token, App.JWT_KEY.getBytes());
       }catch (Exception e){
           response.setStatusCode(HttpStatus.UNAUTHORIZED);
           return response.setComplete();
       }
       if(!result){
           response.setStatusCode(HttpStatus.UNAUTHORIZED);
           return response.setComplete();
       }
        final JWT jwt = JWTUtil.parseToken(token);
       //取出token里设置的过期时间
        String expiretime= jwt.getPayload("expire_time").toString();
        if(expiretime==null){
            response.setStatusCode(HttpStatus.UNAUTHORIZED);
            return response.setComplete();
        }
        //如果当前时间大于过期时间，则需要重新登录
        if(System.currentTimeMillis()>Long.parseLong(expiretime)){
            response.setStatusCode(HttpStatus.UNAUTHORIZED);
            return response.setComplete();
        }
        //将token中uid、manager存到header
        String mannager=jwt.getPayload("manager").toString();
        String uid=jwt.getPayload("uid").toString();
        response.getHeaders().set("manager",mannager);
        response.getHeaders().set("uid",uid);
        //修改原始request添加header
        ServerHttpRequest request=exchange.getRequest().mutate().header("uid",uid)
                .header("manager",mannager).build();
        return chain.filter(exchange.mutate().request(request).build());
    }

    @Override
    public int getOrder() {
        return 1;
    }
}
